Jump to content

Advisories MDVSA-2010:211: mozilla-thunderbird

paul

By paul
in Mandriva Security Advisories

 Share

Recommended Posts

paul Platinum

paul

Posted
Posted

Security issues were identified and fixed in mozilla-thunderbird:

 

The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x

before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and

SeaMonkey before 2.0.9 does not properly set the minimum key length

for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for

remote attackers to defeat cryptographic protection mechanisms via

a brute-force attack (CVE-2010-3173).

 

Unspecified vulnerability in the browser engine in Mozilla Firefox

3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before

2.0.9 allows remote attackers to cause a denial of service (memory

corruption and application crash) or possibly execute arbitrary code

via unknown vectors (CVE-2010-3174, CVE-2010-3175, CVE-2010-3176).

 

Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird

before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do

not properly handle certain modal calls made by javascript: URLs

in circumstances related to opening a new window and performing

cross-domain navigation, which allows remote attackers to bypass the

Same Origin Policy via a crafted HTML document (CVE-2010-3178).

 

Stack-based buffer overflow in the text-rendering functionality in

Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird

before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows

remote attackers to execute arbitrary code or cause a denial of service

(memory corruption and application crash) via a long argument to the

document.write method (CVE-2010-3179).

 

Use-after-free vulnerability in the nsBarProp function in Mozilla

Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before

3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote

attackers to execute arbitrary code by accessing the locationbar

property of a closed window (CVE-2010-3180).

 

A certain application-launch script in Mozilla Firefox before 3.5.14

and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before

3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length

directory name in the LD_LIBRARY_PATH, which allows local users to

gain privileges via a Trojan horse shared library in the current

working directory (CVE-2010-3182).

 

The LookupGetterOrSetter function in Mozilla Firefox before

3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x

before 3.1.5, and SeaMonkey before 2.0.9 does not properly support

window.__lookupGetter__ function calls that lack arguments, which

allows remote attackers to execute arbitrary code or cause a denial

of service (incorrect pointer dereference and application crash)

via a crafted HTML document (CVE-2010-3183).

 

Packages for 2009.0 are provided as of the Extended Maintenance

Program. Please visit this link to learn more:

http://store.mandriva.com/product_info.php?cPath=149&products_id=490

 

Additionally, some packages which require so, have been rebuilt and

are being provided as updates.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...